Passwords and password protection schemes are commonly employed to control access to computer systems and programs. Each time a user wishes to use the computer or program he/she is asked to enter the password. If the password is valid, the user will be permitted to access the data and/or execute the programs. Persons not entering a valid password are denied to access the data or program information. In this way, a password protection system should protect the proprietary or confidential information retained by the computer and should prevent unauthorized use.
Since a user works with several computers and programs he is forced to remember many passwords. Many tend to re-use passwords accidentally or deliberately leading to security problems.
Most personal computers (PCs) and laptop computers can not solve sufficiently the problem of security by simply asking for a password. PC operating systems running on modern hardware, including DOS, Windows, and MacOS, have been assaulted by a barrage of viruses, Trojan horses, and other malicious software, also referred to as malware. The release and use of such malware has been essentially a form of vandalism and its danger grows with the use of the Internet. The security risk of downloading the above-mentioned Trojan horses becomes more serious and widespread and is often underestimated. Such Trojan horses are malicious files or programs that when being executed masquerade as a benign application and might control programs or even the entire system. Other malicious programs attempt to steal login names and passwords. These passwords are often then sent to anonymous e-mail addresses. In general, a Trojan horse is a program misrepresenting itself as doing a useful service.
It is often the fact that the user does not know exactly whether he/she inputs the password to the correct system or program. In a further safety problematic example, when the main power source is switched on, the display starts to display the display data stored in the video RAM. At this time, a password-input window is displayed on a part of the display screen. Therefore, anyone can obtain information concerning the interrupted data processing from the display data displayed in the background of the password-input window. In other words, an unauthorized user can obtain the information without inputting any password. On the other hand, it is possible for an unauthorized user to find the registered password in may systems by repeatedly inputting a password selected at random.
The form factor and usage characteristics of handheld devices, such as personal digital assistants, also abbreviated as PDAs, makes them extremely desirable for use in many e-commerce applications. The most advantageous feature of these PDAs resides in that everyone can easily use them by a simple operation irrespective of a place. On the other hand, wide spread of the PDAs tends to increase the opportunity of processing secret information. Therefore, sufficient consideration is required with regard to the security function. Conventionally, the security function is realized by programming the PDA to check a password input each time the power source is switched on. In this password check, inputting of a password is requested immediately after start of power supply, and then it is checked whether the input password coincides with a password previously registered. When coincidence is detected therebetween, the PDA or personal computer becomes active to start a data processing corresponding to an instruction input by the operator. Unfortunately, current PDA operating systems do not offer the needed security for e-commerce applications. The very fact that PDAs are powerful and general purpose computing devices renders them vulnerable to attack. E-commerce systems based upon PDAs are potentially vulnerable to an entire range of attacks which also can endanger other included systems, e.g. smartcards.
If one use such systems for economically meaningful transactions, there is far greater benefit and hence incentive for an attacker. Thus, the need for security is essential, whereby a call arises for an appropriate secure password entry mechanism.
U.S. Pat. No. 5,931,948 is related to a portable computer system having password control means for holding one or more passwords such that the passwords are unreadable by direct access from a main processor.
In U.S. Pat. No. 5,091,939 a method and apparatus for password protection of a computer is disclosed. Therein the user's password entry is compared to the value of a secondary password retained by the computer as well as the value of the user's stored primary password. The user may thus access the computer when his primary password is corrupted or forgotten by obtaining an alternate password from the computer manufacturer which matches the secondary password generated or stored by the computer. The operation of the method and the organization of the apparatus make the secondary and alternate passwords valid for a limited time, thereby preserving the overall integrity of the password protection system.